Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3EMrQnqEtUEWSi_LbDS1T7p57Jo.cer
File: 3EMrQnqEtUEWSi_LbDS1T7p57Jo.cer (raw, json)
Hash identifier: ftn+paazbVYCzt9APoWCaU6msh2MSaFqIc5aXvsrdbE=
Subject key identifier: DC:43:2B:42:7A:84:B5:41:16:4A:2F:CB:6C:34:B5:4F:BA:79:EC:9A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856B62E9408CEB01B379B98EAAD7F61ACE
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/5f/5b43b8-5cfa-4407-8b63-baa0a30e371f/1/3EMrQnqEtUEWSi_LbDS1T7p57Jo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/5f/5b43b8-5cfa-4407-8b63-baa0a30e371f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 03:32:02 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 185.138.248.0/22
IP: 185.172.220.0/22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:62:e9:40:8c:eb:01:b3:79:b9:8e:aa:d7:f6:1a:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 03:32:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc432b427a84b541164a2fcb6c34b54fba79ec9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:fa:4b:f6:bd:99:df:dd:cc:c9:02:43:c9:ff:
e5:3b:b1:b1:2a:7d:75:92:35:10:ef:1d:55:39:39:
d5:52:ad:09:41:91:81:cc:3a:ec:3a:77:4c:a9:20:
5d:e7:4f:b4:9b:63:c0:f3:0c:d4:87:71:48:49:30:
db:a8:0c:4b:99:c7:61:e8:b7:17:d9:09:bf:c2:55:
b4:29:67:25:cf:3f:56:d2:b9:78:69:38:72:b3:80:
5c:6c:ef:69:9a:ba:45:e3:54:8d:41:20:7c:7a:17:
dd:56:94:8b:76:cf:74:a8:3c:8b:34:3d:5b:0b:76:
c3:a5:ae:b5:9c:e0:07:f2:a9:3d:29:7d:5a:b7:82:
71:5d:bb:da:4b:b3:52:03:5d:28:de:a1:6d:b7:b4:
83:07:11:4c:d2:9d:d4:7c:56:63:3e:ac:a1:e5:fd:
aa:af:ee:a3:0f:48:8a:af:1a:4d:92:25:d9:76:09:
4a:61:9b:3d:4a:85:d1:cf:88:38:47:91:c0:95:c6:
46:eb:da:78:83:cf:8c:2a:63:19:6e:23:c8:09:39:
f5:94:73:92:e3:04:b4:7c:71:09:06:eb:48:1c:34:
ea:21:af:b2:1f:fd:ea:e0:ec:a3:b0:ee:36:06:94:
8f:ee:cd:4d:c6:98:f1:45:04:f8:29:f0:7d:0e:f2:
d8:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:43:2B:42:7A:84:B5:41:16:4A:2F:CB:6C:34:B5:4F:BA:79:EC:9A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5b43b8-5cfa-4407-8b63-baa0a30e371f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5b43b8-5cfa-4407-8b63-baa0a30e371f/1/3EMrQnqEtUEWSi_LbDS1T7p57Jo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.248.0/22
185.172.220.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:08:23:66:73:a5:cf:02:3a:7d:ae:5b:32:77:86:7b:37:31:
1b:38:6c:4c:56:51:64:e2:95:99:7b:6f:3c:c3:79:2c:50:bd:
19:c4:09:6c:57:d9:59:cf:3a:5d:63:82:0d:3c:79:b0:5f:c6:
10:17:52:4f:05:46:60:0a:1a:2d:72:3c:b0:15:f2:5b:56:7b:
93:9d:c3:7c:f5:52:4b:e2:40:69:3b:d3:22:60:9c:7d:ea:d4:
21:32:9a:84:23:04:78:cb:1b:8d:32:5e:29:ca:64:25:d3:92:
1f:1a:5f:82:0c:3e:6b:97:f1:c1:50:77:99:66:c2:cd:1f:1d:
08:1d:71:38:66:49:ee:de:0b:4f:d9:49:04:9c:c5:f9:b4:64:
3d:92:e4:01:9b:e6:20:6f:be:6b:b6:5e:64:63:77:a7:ad:69:
0e:46:9d:95:fe:dd:3e:bf:b5:95:b6:cc:03:2d:1e:7d:12:43:
9f:37:d1:e1:27:69:78:b0:80:00:b4:7a:a3:be:29:b8:74:d1:
a3:00:3d:d6:ca:52:8d:9c:fe:79:66:6b:a6:7f:6d:9e:4d:53:
da:92:76:83:13:53:bb:58:af:95:b3:37:20:f4:58:45:76:a4:
55:5a:54:02:7a:a9:e9:41:6e:49:7b:df:b5:71:46:2b:fc:4d:
11:ff:5a:06
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYVrYulAjOsBs3m5jqrX9hrOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMDMzMjAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzQzMmI0MjdhODRiNTQxMTY0YTJmY2I2YzM0YjU0ZmJhNzllYzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofpL9r2Z393MyQJDyf/lO7GxKn11
kjUQ7x1VOTnVUq0JQZGBzDrsOndMqSBd50+0m2PA8wzUh3FISTDbqAxLmcdh6LcX
2Qm/wlW0KWclzz9W0rl4aThys4BcbO9pmrpF41SNQSB8ehfdVpSLds90qDyLND1b
C3bDpa61nOAH8qk9KX1at4JxXbvaS7NSA10o3qFtt7SDBxFM0p3UfFZjPqyh5f2q
r+6jD0iKrxpNkiXZdglKYZs9SoXRz4g4R5HAlcZG69p4g8+MKmMZbiPICTn1lHOS
4wS0fHEJButIHDTqIa+yH/3q4OyjsO42BpSP7s1NxpjxRQT4KfB9DvLYcQIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFNxDK0J6hLVBFkovy2w0tU+6eeyaMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVmLzViNDNi
OC01Y2ZhLTQ0MDctOGI2My1iYWEwYTMwZTM3MWYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWYvNWI0M2I4
LTVjZmEtNDQwNy04YjYzLWJhYTBhMzBlMzcxZi8xLzNFTXJRbnFFdFVFV1NpX0xi
RFMxVDdwNTdKby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF
BwEHAQH/BBYwFDASBAIAATAMAwQCuYr4AwQCuazcMA0GCSqGSIb3DQEBCwUAA4IB
AQALCCNmc6XPAjp9rlsyd4Z7NzEbOGxMVlFk4pWZe288w3ksUL0ZxAlsV9lZzzpd
Y4INPHmwX8YQF1JPBUZgChotcjywFfJbVnuTncN89VJL4kBpO9MiYJx96tQhMpqE
IwR4yxuNMl4pymQl05IfGl+CDD5rl/HBUHeZZsLNHx0IHXE4Zknu3gtP2UkEnMX5
tGQ9kuQBm+Ygb75rtl5kY3enrWkORp2V/t0+v7WVtswDLR59EkOfN9HhJ2l4sIAA
tHqjvim4dNGjAD3WylKNnP55Zmumf22eTVPaknaDE1O7WK+Vszcg9FhFdqRVWlQC
eqnpQW5Je9+1cUYr/E0R/1oG
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:49 2023 by rpki-client on console.sobornost.net